gfelot
April 10, 2018, 6:35am
1
I have my own website to my own vps. I wanted to work a bit on it but I just saw that now I cannot connect to gilfelot.com .
I try to renew the cert but everything is ok. I didn’t touch my nginx config since so I have no clue where to look at to solve this issue.
I can ssh/ping my server and I even can see it when I try the pingdom tool to score my website.
Thanks.
_az
April 10, 2018, 6:52am
2
Are you trying to connect to it over IPv6 by any chance?
IPv4 is working fine but IPv6 just blows up.
$ curl -i -6 https://gilfelot.com
curl: (35) Encountered end of file
IOW, your IPv6 setup for that domain is not working.
gfelot
April 10, 2018, 4:39pm
3
Yes you right I just check myself. Totaly forget to test this.
I don’t know what’s wrong because I have setup my nginx to accept ipv6.
server {
listen 80;
listen [::]:80;
server_name www.gilfelot.com gilfelot.com;
return 301 https://gilfelot.com$request_uri;
}
server {
listen 443;
listen [::]:443;
server_name www.gilfelot.com;
return 301 https://gilfelot.com$request_uri;
}
server {
root /var/www/html;
listen 443 ssl http2;
listen [::]:443 ssl http2;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name gilfelot.com;
location / {
try_files $uri $uri/ =404;
}
ssl_certificate /etc/letsencrypt/live/gilfelot.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/gilfelot.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
Also UFW is correct.
To Action From
-- ------ ----
Nginx Full ALLOW Anywhere
OpenSSH ALLOW Anywhere
Nginx Full (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)
Doesn't this need the ssl directives too? I guess maybe it's taking precedence and causing nginx to serve http rather than https on port 443 over ipv6? (not sure why it would behave differently on ipv4 though)
1 Like
gfelot
April 11, 2018, 5:21am
5
I may left this typo yeah. I added ssl http2
for the 2 mentioned lines but it doesn’t seems to solve the issue.
It needs, at minimum, a certificate and key. (ssl_certificate
and ssl_certificate_key
.) Or else Nginx will malfunction.
2 Likes
gfelot
April 11, 2018, 6:16pm
7
I feel so dumb now… It was simply that… but since Cerbot add an automatic redirection I don’t even need this part.
system
Closed
May 11, 2018, 6:16pm
8
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.